The Australian Government is doubling down on the ransomware threat to local small and medium-sized businesses with a $1.67 billion investment to build new cybersecurity and law enforcement capabilities. That’s because ransomware remains the biggest cyber threat to small and medium-sized businesses – and the problem is only getting worse.
While the ransom cost itself hasn’t increased much in the last few years – rising from $US4300 in 2018 to $US5600 in 2020 – the downtime costs associated with being held to ransom has skyrocketed.
In 2018 the average cost of ransomware-associated downtime for small and medium-sized businesses was $US46,800, a figure that rose to $US274,200 in 2020. While some of that rise can be slated back to business getting better at estimating what downtime costs, it’s also a reflection on how disruptive being held to ransom can truly be.
To pay or not to pay?
The recently released Australian Government report Locked Out: Tackling Australia’s Ransomware Threat found one in three adult Australians were impacted by cybercrime in 2019, and that cyberattacks cost the Australian economy $29 billion every year.
It also found that 61 per cent of executives consider a ransomware attack likely in the next twelve months and that 62 per cent of small and medium-sized businesses have experienced a cybersecurity incident.
While cybercrime is on the rise, there’s also the possibility that actually paying a ransom could also be illegal.
In certain circumstances, the report indicates, paying a ransom might be unlawful under Australian law. The “instrument of crime” provisions within the Criminal Code Act are broad, and the available defences are narrow.
If an organisation pays a ransom, the report continues, there is a real risk the payment may be used in the commission of further offences. That’s why the Australian Government recommends against paying a ransom if your IT is infected. So, what are the solutions to the ransomware menace?
Business Continuity and Disaster Recovery is the answer
For small and medium-sized businesses, the best defence against ransomware is to use a managed service provider (MSP) which implements a business continuity and disaster recovery (BCDR) plan for your organisation.
While MSPs might seem expensive, most SMEs don’t have a dedicated IT person or team able to handle their technology needs. And the cost of an MSP, as we have seen, pales in comparison to the expense of downtime, both in real-money terms and also reputationally for the business.
An MSP will make sure you’re running the latest software and that the software is always updated. They will also backup your data into a secure cloud location and create a plan so that if you’re infected, you can “rollback” to the last clean copy of your software and data.
In fact, 91 per cent of managed service providers said clients’ business continuity and disaster recovery products in place are less likely to experience significant downtime due to ransomware. Many are also able to recover in around 24 hours.
The final piece in the puzzle is making sure your staff are trained to spot cyber threats and act accordingly. An MSP can put training programs in place, and ensure your staff are regularly refreshed on the latest cybersecurity threats and trends.
Ransomware is the biggest cybersecurity threat SMEs face. It can bring a business to its knees, and without BCDR, there is no sure-fire way back to normality. Given that paying a ransom could be illegal, SMEs need to make sure they’re protected and can deal with the inevitability of a ransomware attack.